Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/E0C5B7148F2C11EEA361B22FC4F9AE02.roa
File: E0C5B7148F2C11EEA361B22FC4F9AE02.roa (raw, json)
Hash identifier: Aqyl2hhEx5BpBctkE5rWM8Kv0ZDOqQAIfUrt5yWaYks=
Subject key identifier: 3B:9B:12:3A:30:D2:20:B2:A9:CF:6C:56:F3:50:40:AC:EE:1E:CE:DC
Certificate issuer: /CN=A91DEB81/serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892
Certificate serial: 03EE
Authority key identifier: 77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/E0C5B7148F2C11EEA361B22FC4F9AE02.roa
Signing time: Sun 15 Dec 2024 00:33:26 +0000
ROA not before: Sun 15 Dec 2024 00:33:26 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 136038
IP address blocks: 103.254.72.0/24 maxlen: 24
103.254.73.0/24 maxlen: 24
103.254.74.0/24 maxlen: 24
103.254.75.0/24 maxlen: 24
192.51.188.0/24 maxlen: 24
192.197.113.0/24 maxlen: 24
199.212.57.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1006 (0x3ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DEB81
Validity
Not Before: Dec 15 00:33:26 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675e23d6-765a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1c:25:c6:d2:b0:42:bf:f3:9e:dd:3e:a5:ae:
6b:12:d8:fb:8d:b1:ad:f5:33:6e:fd:23:ee:e8:23:
25:ef:e7:83:21:42:40:fd:e9:b5:58:50:f0:b7:2c:
9e:39:0e:4f:13:2c:85:e9:dc:9b:7b:b2:22:ad:d8:
b3:fc:15:db:46:26:99:3e:0f:b1:47:a4:04:14:fc:
10:d2:89:5e:ae:a1:58:de:c9:07:00:65:e4:b8:0e:
76:f6:30:8a:b8:07:00:0c:96:98:67:03:1b:77:1a:
97:24:a4:31:22:cc:43:57:7b:4e:bf:16:fb:a0:df:
65:a9:57:5b:d6:d7:76:ff:5a:9a:8d:80:71:4f:f7:
cc:2d:0c:83:6f:aa:3f:0c:ee:fa:24:7c:7e:fc:13:
f1:6e:d9:57:a7:28:8f:9e:22:a3:30:6f:6b:bb:b5:
32:7f:8b:27:b6:f4:47:99:bb:84:2b:c9:11:9d:8d:
19:65:1a:db:29:a0:f0:48:72:94:ce:46:7b:29:bb:
21:1e:8c:3d:7b:1b:e4:e5:39:bd:0a:00:5f:ac:79:
a0:d1:e5:3d:f1:a8:fa:3f:fc:1d:3d:ad:3a:51:1b:
8b:9f:13:a7:7e:c8:0c:17:a5:d3:cb:b3:1b:3a:1d:
a0:9a:ca:10:f5:f6:3f:35:ae:67:60:63:ad:d2:1e:
f5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9B:12:3A:30:D2:20:B2:A9:CF:6C:56:F3:50:40:AC:EE:1E:CE:DC
X509v3 Authority Key Identifier:
keyid:77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/E0C5B7148F2C11EEA361B22FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.254.72.0/22
192.51.188.0/24
192.197.113.0/24
199.212.57.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:ec:61:eb:ea:d6:ac:fb:a9:dd:0d:26:37:c7:52:e2:f5:f3:
6b:b9:c7:ba:fc:69:20:35:d1:70:b7:08:24:0e:2c:47:ce:03:
d9:a2:a6:b9:c9:20:e2:50:dd:b1:bc:b5:40:d9:88:eb:c6:4c:
bf:0c:84:93:dc:9a:b2:42:b4:ec:ba:dc:79:26:1f:dc:0f:df:
13:07:34:5b:00:8c:61:98:68:84:b9:23:79:4c:b5:bf:59:ed:
60:6c:d6:b5:74:27:c3:f1:c0:9f:20:62:82:19:01:37:3a:bf:
d7:22:4d:b5:d3:c9:12:e8:73:09:14:f7:2e:39:32:96:44:31:
4f:12:ac:f0:f3:c0:08:58:da:2a:b2:af:30:df:3a:d5:82:71:
8b:e5:65:46:00:f2:11:1e:20:d2:01:7a:77:b8:10:c1:d9:06:
ed:e4:ba:64:92:c9:d3:c0:2b:5c:d0:a8:56:50:2a:96:46:bc:
0c:fc:e8:71:9d:05:4f:51:18:a7:4f:0a:f2:95:45:05:0e:36:
c4:df:60:0e:4b:21:9e:6c:c2:e9:9a:b0:e3:83:72:3a:de:9f:
fe:6b:89:60:cf:da:0e:6c:cb:d1:3c:46:ad:db:93:27:0c:ca:
2b:3f:fe:66:92:41:85:00:71:76:d3:80:f6:ba:32:e6:50:20:
27:7b:1c:86
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA+4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVCODExMTAvBgNVBAUTKDc3NzY2MTJBNDNDMjJEMEE2NkI4RjEzNjgwQjMwNThC
RUQ1RDk4OTIwHhcNMjQxMjE1MDAzMzI2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVlMjNkNi03NjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArRwlxtKwQr/znt0+pa5rEtj7jbGt9TNu/SPu6CMl7+eDIUJA/em1WFDwtyye
OQ5PEyyF6dybe7Iirdiz/BXbRiaZPg+xR6QEFPwQ0olerqFY3skHAGXkuA529jCK
uAcADJaYZwMbdxqXJKQxIsxDV3tOvxb7oN9lqVdb1td2/1qajYBxT/fMLQyDb6o/
DO76JHx+/BPxbtlXpyiPniKjMG9ru7Uyf4sntvRHmbuEK8kRnY0ZZRrbKaDwSHKU
zkZ7KbshHow9exvk5Tm9CgBfrHmg0eU98aj6P/wdPa06URuLnxOnfsgMF6XTy7Mb
Oh2gmsoQ9fY/Na5nYGOt0h71PQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFDubEjow
0iCyqc9sVvNQQKzuHs7cMB8GA1UdIwQYMBaAFHd2YSpDwi0KZrjxNoCzBYvtXZiS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUI4MS9DRjk2NjNDNjcw
RjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xRcG11UEUyZ0xNRmktMWRt
SkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QzWmhLa1BDTFFwbXVQRTJnTE1GaS0xZG1KSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVCODEvQ0Y5NjYzQzY3MEY3MTFFQ0IzMThFNDNBQzRGOUFFMDIvRTBDNUI3MTQ4
RjJDMTFFRUEzNjFCMjJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAJn/kgDBADAM7wDBADAxXEDBADH1DkwDQYJKoZIhvcNAQEL
BQADggEBABvsYevq1qz7qd0NJjfHUuL182u5x7r8aSA10XC3CCQOLEfOA9miprnJ
IOJQ3bG8tUDZiOvGTL8MhJPcmrJCtOy63HkmH9wP3xMHNFsAjGGYaIS5I3lMtb9Z
7WBs1rV0J8PxwJ8gYoIZATc6v9ciTbXTyRLocwkU9y45MpZEMU8SrPDzwAhY2iqy
rzDfOtWCcYvlZUYA8hEeINIBene4EMHZBu3kumSSydPAK1zQqFZQKpZGvAz86HGd
BU9RGKdPCvKVRQUONsTfYA5LIZ5swumasOODcjren/5riWDP2g5sy9E8Rq3bkycM
yis//maSQYUAcXbTgPa6MuZQICd7HIY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:23:00 2025 by rpki-client